package com.pioneer.dao;

import com.pioneer.beans.Job;

import java.sql.SQLException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;
import java.sql.ResultSet;

import java.util.Properties;
import java.util.List;
import java.util.ArrayList;
import java.util.StringTokenizer;


/**
 * Title:        Pioneer Application
 * Description:
 * Copyright:    Copyright (c) 2001
 * Company:      Pioneer Metals
 * @author Gary Chen
 * @version 1.0
 */

public abstract class JdbcDAO  {

	public static final String DATABASE_DRIVER="database_driver";
	public static final String DATABASE_URL="database_url";
	public static final String DATABASE_USER="database_user";
	public static final String DATABASE_PASSWORD="database_password";

	protected Connection connection;

    public JdbcDAO(Properties properties)
	throws DataAccessException
	{
		try
		{
			Class.forName(properties.getProperty(DATABASE_DRIVER));
		}
		catch (ClassNotFoundException ex)
		{
			throw new DataAccessException(ex.getMessage());
		}
		try
		{
		    connection=DriverManager.getConnection(properties.getProperty(DATABASE_URL),
		    properties.getProperty(DATABASE_USER),properties.getProperty(DATABASE_PASSWORD));
		}
		catch (SQLException ex)
		{
			throw new DataAccessException(ex.getMessage());
		}
    }

	public void destroy()
	{
		try
		{
		    connection.close();
		}
		catch (SQLException ex)
		{
			System.err.println(ex.getMessage());
		}
	}



	protected void updateStatement(String sqlString)
	throws DataAccessException
	{
		Statement stat=null;
		try
		{
			stat=connection.createStatement();
			System.out.println(stat.executeUpdate(sqlString)+" rows affected by update by "+sqlString);
		}
		catch (SQLException ex)
		{
			throw new DataAccessException(ex.getMessage());
		}
		finally
		{
			try
			{
				if (stat!=null) stat.close();
			}
			catch (SQLException ex)
			{
				System.err.println(ex.getMessage());
			}
		}

	}
	/*
	protected java.util.List selectStatement(String sqlString)
	throws DataAccessException
	{
		Statement stat=null;
		ResultSet rs=null;
		try
		{
			stat=connection.createStatement();
			rs=stat.executeQuery(sqlString);
			while (rs.next())
			{
			}
		}
		catch (SQLException ex)
		{
			throw new DataAccessException(ex.getMessage());
		}
		finally
		{
			try
			{
				if (rs!=null) rs.close();
				if (stat!=null) stat.close();
			}
			catch (SQLException ex)
			{
				System.err.println(ex.getMessage());
			}
		}

	}

	*/

	 
   /**
   * This function clears out any single quotes, replacing them with
   * sql-safe escape charactered single quotes (i.e. '-> '')
   */
	
  public static String sqlSafe(String sql){
    /*String returnThis=new String();
	//System.out.println("SQLSafe processing "+sql);
    StringTokenizer st = new StringTokenizer(sql,"'");
	StringBuffer buf=new StringBuffer();
    while(st.hasMoreTokens()){
		String nextOne=st.nextToken()+"''";
		//System.out.println("Next one:"+nextOne);
      buf.append(nextOne);
    }
	returnThis=buf.toString();
    //System.out.println("To return"+returnThis);

	return returnThis.substring(0,returnThis.length()-2);*/
	
	
	return sql.replaceAll("'","''");
  }
	
	
	public static void main(String args[]) {
		System.out.println("The output is "+sqlSafe("hello's Gary"));
	}
}
